In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2021-11-19T09:20:17

Updated: 2024-08-04T01:58:18.341Z

Reserved: 2021-08-17T00:00:00

Link: CVE-2021-39231

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-11-19T10:15:08.110

Modified: 2024-11-21T06:18:58.047

Link: CVE-2021-39231

cve-icon Redhat

No data.